I have been trying to find a solution to my problem for the last 10 days, and I found nothing. So, I am trying to restrict the Authentication Context XML Schema Definition of SAML 2.0. The XSD document is accessible at http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd.
The part that I am trying to restrict is the one related to this part of the XSD document:
<xs:complexType name="PasswordType">
  <xs:sequence>
    <xs:element ref="Length" minOccurs="0"/>
    <xs:element ref="Alphabet" minOccurs="0"/>
    <xs:element ref="Generation" minOccurs="0"/>
    <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
  </xs:sequence>
  <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
</xs:complexType>
<xs:element name="RestrictedPassword" type="RestrictedPasswordType"/>
<xs:complexType name="RestrictedPasswordType">
  <xs:complexContent>
    <xs:restriction base="PasswordType">
      <xs:sequence>
        <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
        <xs:element ref="Generation" minOccurs="0"/>
        <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
      </xs:sequence>
      <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
    </xs:restriction>
  </xs:complexContent>
</xs:complexType>
Well, I do not know how to restrict the RestrictedPassword complex type. Below is my XSD, which tries to restrict the original XSD document.
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema version="2.0"
           targetNamespace="urn:m:SAML:2.0:ac:classes:K"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns="urn:m:SAML:2.0:ac:classes:K"
           finalDefault="extension"
           blockDefault="substitution">
  <xs:redefine schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-authn-context-types-2.0.xsd">
    <xs:complexType name="RestrictedPasswordType">
      <xs:complexContent>
        <xs:restriction base="RestrictedPasswordType">
          <xs:sequence>
            <xs:element ref="Length" minOccurs="0"/>
            <xs:element ref="Generation"/>
            <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
          </xs:sequence>
          <xs:attribute name="ExternalVerification" type="xs:anyURI" use="optional"/>
        </xs:restriction>
      </xs:complexContent>
    </xs:complexType>
  </xs:redefine>
</xs:schema>
When I try to validate this XSD with this tool, http://www.utilities-online.info/xsdvalidation/#.UwJAzK69h31, it returns an error that I do not know how to fix.
Any help is welcome.
Thanks!
Domenech, Marlon
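
An added example, not part of the original post: XML Schema requires each element particle in an xs:restriction to stay within the occurrence range of the matching base particle and to keep a type that is the same as, or derived from, the base's. The simplified checker below (its function names are this example's own) matches particles by name only and compares the two sequences quoted in the post.

```python
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"
WRAP = '<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">%s</xs:schema>'

# Sequence of RestrictedPasswordType as quoted from the OASIS schema in the post.
BASE = WRAP % """
<xs:sequence>
  <xs:element name="Length" type="RestrictedLengthType" minOccurs="1"/>
  <xs:element ref="Generation" minOccurs="0"/>
  <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>"""

# Sequence from the xs:redefine in the post.
DERIVED = WRAP % """
<xs:sequence>
  <xs:element ref="Length" minOccurs="0"/>
  <xs:element ref="Generation"/>
  <xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>"""

def occurs(el):
    # minOccurs and maxOccurs both default to 1 when absent.
    lo = int(el.get("minOccurs", "1"))
    hi = el.get("maxOccurs", "1")
    return lo, float("inf") if hi == "unbounded" else int(hi)

def particles(xsd_text):
    seq = ET.fromstring(xsd_text).find(XS + "sequence")
    return {e.get("name") or e.get("ref"): e for e in seq.findall(XS + "element")}

def check_restriction(base_xsd, derived_xsd):
    """Return a list of ways the derived sequence is wider than the base."""
    base, derived = particles(base_xsd), particles(derived_xsd)
    problems = []
    for name, d in derived.items():
        if name not in base:
            problems.append(f"{name}: not present in base sequence")
            continue
        b = base[name]
        (blo, bhi), (dlo, dhi) = occurs(b), occurs(d)
        if dlo < blo or dhi > bhi:
            problems.append(f"{name}: occurs {dlo}..{dhi} outside base {blo}..{bhi}")
        if b.get("name") and d.get("ref"):
            problems.append(f"{name}: base declares local type {b.get('type')}; "
                            "the referenced element must have that type or one derived from it")
    problems += [f"{n}: required in base but omitted" for n, b in base.items()
                 if n not in derived and occurs(b)[0] > 0]
    return problems
```

Calling `check_restriction(BASE, DERIVED)` reports the `Length` particle twice: once for its occurrence range and once for the switch from a local typed declaration to a `ref`.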